As more businesses turn to AI, they face a number of challenges around integrating it effectively and obtaining the best value while still ensuring that their data remains secure. It's also important that they select the right AI provider for their needs.

We spoke to Naren Narendran, chief scientist at database specialist Aerospike, to discuss the strategic considerations and concerns enterprises face as they incorporate AI into their operations.

Continue reading →

Because email is the primary source of initial entry in many breaches, many organizations pay for sophisticated, third-party email filtering solutions on top of the protections afforded by Microsoft 365. This is a wise investment; having layers of protection by different vendors helps eliminate blind spots found in any one vendor solution and provides complexity that can foil attack attempts.

Yet, few know that threat actors can easily bypass these third-party filtering products by directing emails to onmicrosoft.com domains that are an inherent part of the Microsoft 365 configuration.

Continue reading →

You probably already know about how eSIMs work and their advantages when travelling to different countries.

Of course this functionality is useful for businesses as well as individuals and Nord Security -- the company behind NordVPN -- is launching a new version of its Saily eSIM service aimed specifically at business users.

Continue reading →

A new survey finds that while 94 percent of business leaders say AI is a top C-suite priority and 91 percent agree it provides a competitive advantage, only 37 percent are fully prepared to implement AI projects now.

The study from Riverbed of 1,200 decision makers globally finds that currently 54 percent of leaders say the primary reason for using AI is to drive operational efficiencies over growth (46 percent), however, by 2027 58 percent of organizations expect AI will primarily be a growth driver.

Continue reading →

A new report on the mobile threat landscape from Lookout reveals a 40.4 percent jump in mobile phishing attempts and malicious web attacks targeting enterprise organizations.

More than 80,000 malicious apps were detected on enterprise mobile devices. These threats can vary widely, from invasive permissions and riskware that pose significant compliance risks to sophisticated spyware capable of tracking devices, stealing data, eavesdropping on conversations and accessing the user' camera and microphone.

Continue reading →

Identities are probably the biggest attack surface for organizations in today's world as employees rely more on systems and apps to do their jobs.

Mapping identity and access data from the large, disparate, and often disconnected, mix of on-premise and cloud systems that enterprises use is a major challenge.

Continue reading →

Enterprises are increasingly looking to software bills of materials (SBOM) to understand the components inside the tech products they use in order to secure their software supply chain.

But do SBOMs really provide value? And how can they be used more effectively? We talked to Varun Badhwar, CEO and co-founder of Endor Labs, to find out the keys to using SBOMs successfully.

Continue reading →

Nearly two-thirds of CISOs report increasing budgets this year, with average growth rising from six percent in 2023 to eight percent this year, but this is only about half of growth rates in 2021 (16 percent) and 2022 (17 percent).

A study from IANS Research and Artico Search shows that a quarter of CISOs are experiencing flat budgets while 12 percent face declines.

Continue reading →

Enterprises are facing a rapidly changing privacy landscape, in which some laws contradict each other, while struggling to reduce costs and gain visibility into their privacy risks.

Indeed there’s been a recent increase in lawsuits against companies for online privacy violations that is putting significant strain on C-level executives and they're looking to their IT leaders to address all of this risk with technology.

Continue reading →

It's not what you know, it's what you don’t know that bites you. Cyber attacks, internal rogue employees, and general operational missteps are a constant at enterprises. The cost, both financially and human operationally, impacts morale and budgets.

Many enterprises think they have what they need to defend their attack surfaces, except for one thing: a clear view of ALL the assets that make up that attack surface -- devices, users, applications and vulnerabilities. Too many security teams are trying to protect expanding and increasingly complex infrastructures without knowing all their risk exposures.

Continue reading →

Third-party browser scripts are the code snippets that organizations put into their websites to run ads, analytics, chatbots, etc -- essentially anything that isn't coded by the organization itself.

Which sounds innocuous enough, but these scripts are increasingly being used as a vector for cyberattacks. We spoke to Simon Wijckmans, CEO of c/side, to understand how these attacks operate and what can be done to defend against them.

Continue reading →

Swiss company Proton is known for its privacy focused solutions including secure mail, VPN and password manager. Today the company launches a new service, Proton Drive for Business.

This is a comprehensive solution designed to provide secure and private cloud storage, file sharing, and real-time document collaboration for organizations. In an era where data breaches and unauthorized use of company documents are common, this new service offers security and privacy to businesses of all sizes, with end-to-end encryption.

Continue reading →

Manufacturing and industrial products remain the most targeted sectors by cyber threat actors in the first half of 2024, with 377 confirmed reports of ransomware and database leak hits in the first half of the year.

A new report from managed detection and response specialist Critical Start is based on analysis of 3,438 high and critical alerts generated by 20 supported Endpoint Detection and Response (EDR) solutions, as well as 4,602 reports detailing ransomware and database leak activities across 24 industries in 126 countries.

Continue reading →

A new study shows 91 percent of organizations are concerned about the expanded exposure footprint across non-production environments (including software development, testing, and data analytics).

Once a production dataset is copied many times over into non-production environments, more workers have access to it and the data is no longer subject to the same strict security controls.

Continue reading →

Organizations urgently need to modernize their application security practices so that they can support growth and mitigate risks according to a new report.

Thew study from Legit Security and TechTarget's Enterprise Strategy Group (ESG) finds nearly all organizations reporting difficulties in fixing vulnerabilities after applications are deployed, reinforcing the significance of incorporating security processes and tools in the build process.

Continue reading →